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DETAILED ACTION 
Continued Examination Under 37 CFR LI 14 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1 . 1 14, and the fee set forth in 37 CFR 1 .17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on November 1 8,2003 has been entered. 

2. Claims 1-24 have been examined. 

Claim Rejections - 35 USC § 112 

3. Claims 3 and 4 rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

4. Claim 3 recites the limitation "the integrity" in line 1. There is insufficient antecedent 
basis for this limitation in the claim. 

Claim Objections 

5. Claim is 12 objected to because of the following informalities: duplicate information; the 
limitation of claim 12 is already listed in claim 1, this claim does not further narrow claim 1. 
Appropriate correction is required. 

6. Claim is 13 objected to because of the following informalities: duplicate information; the 
limitation of claim 13 is already listed in claim 1, this claim does not further narrow claim 1. 
Appropriate correction is required. 



Application/Control Number: 09/659,78 1 Page 3 

Art Unit: 3621 

7. Claim 23 objected to because of the following informalities: typographically error (see 
line 3), change "benter" to "center". Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. Claims 1 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 
Patent No. 6385729 to DiGiorgio et al. in view of US Patent No. 65163 16 to Ramasubramani et 
al. 

DiGiorgio et al. disclose accessing a gateway by the mobile station and transmitting an 
identification code for mobile station to the gateway; verifying the identity of the mobile station 
by the gateway and comparing mobile station generated variables computed by the mobile 
station with gateway generated variables computed by the gateway, verifying the legitimacy of 
the gateway by the mobile station by comparing the variables computed by the gateway with the 
variables computed by the mobile station (see col. 10, lines 24-60; col 5, line 47). DiGiorgio et 
al. do not expressly disclose the gateway accessing an authentication center, requesting a digital 
certificate by the mobile station from the gateway used to order and authorize a product or 
service from a service provider, delivering a digital certificate to the mobile station by the 
gateway when the identity of the mobile station have been verified; and requesting a product or 
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service from the service provider; and transmitting a digital signature by the mobile station 
accompanied by the digital certificate for a signature verification key as authorization to said 
service provider. Ramasubramani et al. disclose the gateway accessing an authentication center 
(see col. 8, lines 41-48) and verifying the mobile station identity, requesting a digital certificate 
by the mobile station from the gateway used to order and authorize a product or service from a 
service provider, delivering a digital certificate to the mobile station by the gateway when the 
identity of the mobile station have been verified (col 9, lines 45-54; col. 1 1, lines 37-41); and 
requesting a product or service from the service provider; and transmitting a digital signature by 
the mobile station accompanied by the digital certificate for a signature verification key as 
authorization to said service provider (see col. 4, lines 25-34). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to modify the method 
disclose by DiGiorgio et al. to include a gateway accessing an authentication center, requesting a 
digital certificate by the mobile station from the gateway used to order and authorize a product or 
service from a service provider, delivering a digital certificate to the mobile station by the 
gateway when the identity of the mobile station have been verified; and requesting a product or 
service from the service provider; and transmitting a digital signature by the mobile station 
accompanied by the digital certificate for a signature verification key as authorization to said 
service provider. One of ordinary skill in the art would have been motivated to do this because it 
provides security; that is, it utilizes digital certificates and signatures, which verifies the identity 
of the user. 
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10. Claims 2 and 7 are rejected under 35 U.S.C. 103(a) as being unpatentable over DiGiorgio 
et al. and Ramasubramani et al as applied to claim 1 above, and further in view of U.S. Patent 
No. 6062472 to Cheung. 

Ramasubramani et al. disclose transmitting from the mobile station to the gateway 
session identification and a mobile subscriber identifier and transmitting the mobile subscriber 
identifier from the gateway to the authentication center (see col. 7, lines 1 and 2; col. 8, lines 40- 
48). Ramasubramani et al. do not expressly disclose transmitting from the authentication center 
to the gateway a random number (RAND), a signed response (SRES), and an encryption key; 
computing a variable Ml by the gateway and transmitting the variable Ml and the random 
number to the mobile station, computing a variable Ml' by the mobile station; or verifying the 
legitimacy of the gateway when the variable Ml equals the variable Ml'. Cheung discloses 
transmitting from the authentication center to the gateway a random number (RAND), a signed 
response (SRES), and an encryption key; computing a variable Ml by the gateway and 
transmitting the variable Ml and the random number to the mobile station, computing a variable 
Ml' by the mobile station; and verifying the legitimacy of the gateway when the variable Ml 
equals the variable Ml' (see col. 3, lines 47-57, 63-67; col. 4, lines 1-1 1). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to modify 
the method disclose to include the steps of transmitting from the authentication center to the 
gateway a random number (RAND), a signed response (SRES), and an encryption key; 
computing a variable Ml by the gateway and transmitting the variable Ml and the random 
number to the mobile station, computing a variable Ml' by the mobile station; and verifying the 
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legitimacy of the gateway when the variable Ml equals the variable Ml'. One of ordinary skill 
in the art would have been motivated to do this because it provides security. 

Referring to claim 7, Cheung discloses transmitting in at least one message a signed 
response, public key and a variable M2 computed by the gateway, computing a variable M2' by 
the gateway, and verifying the identity of the mobile station when the variable M2 equals the 
variable M2' (see col. 3, lines 47-57, 63-67; col. 4, lines 1-11). 

1 1 . Claims 9 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
DiGiorgio et al. and Ramasubramani et al. as applied to claim 1 above, and further in view of 
U.S. Patent No. 6285991 to Powar. 

Powar disclose transmitting the certificate with the request for the product or service (see 
col. 10, lines 14-27), receiving an invoice from the service provider indicating a price for the 
product or service, computing a digital signature on the invoice (see col. 1, lines 7-20), 
approving the invoice by transmitting the digital signature to the service provider (see col. 11, 
lines 59-60; col. 12, lines 1-8). As for accepting delivery of a product or service by a buyer, this 
is an inherent step; that is, if the customer approves the invoice, he is accepting delivery of the 
product. At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to modify the method disclose by DiGiorgio et al. to include the step transmitting 
the certificate, receiving an invoice, computing a digital signature, approving the invoice and 
accepting the delivery. One of ordinary skill in the art would have been motivated to do this 
because it confirms the requester identity thus, preventing fraud. 

Referring to claim 10, Powar discloses verifying the digital signature, verifying that 
restrictions associated with the digital certificate are not violated (see col. 10, lines 29-61). 
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Although, Power does not explicitly disclose creating an accounting record, this is an inherent 
step. That is, Power discloses comparing account records; before the records can be compared it 
must first be created. 

12. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over DiGiorgio et al., 
Ramasubramani et al. and Power et al. as applied to claim 10 above, and further in view of 
International Publication No. WO 99/49404 to Cochinwala et al 

Cochinwala et al. disclose transmitting from the service provider to the gateway the 
accounting record having an invoice and digital signature of a customer of a home network 
operator service, determining by the gateway that a corresponding record exists in a local 
database and the validity of the digital signature, determining whether the invoice violates any 
restrictions contained in the corresponding record, crediting the service provider with an amount 
equal to that in the invoice and billing the buyer with the amount of the invoice (see Abstract, 
lines 7-8, pg. 4, lines 19-25). At the time the invention was made, it would have been obvious to 
a person of ordinary skill in the art to modify the method disclose by DiGiorgio et al. to include 
the steps of disclose transmitting from the seller to the gateway the accounting record having an 
invoice and digital signature of a customer of a home network operator service, determining by 
the gateway that a corresponding record exists in a local database and the validity of the digital 
signature, determining whether the invoice violates any restrictions contained in the 
corresponding record, crediting the seller with an amount equal to that in the invoice and billing 
the buyer with the amount of the invoice. One of ordinary skill in the art would have been 
motivated to do this because provides security. 
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13. Claims 14,15, 19 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ramasubramani et al., Cheung in view of DiGiorgio et al. 

Referring to claims 14 and 15, Ramasubramani et al. disclose a cellular network 
authentication module to verify that the mobile station is permitted to access a telecom 
infrastructure (see col. 8, lines 30-35), a mobile station certificate acquisition module to request a 
digital certificate for the mobile station from a gateway (see col. 9, lines 45-54), a gateway 
certificate generation module to verify that the mobile station is authorized to receive the digital 
certificate by transmitting a mobile subscriber identifier from the mobile station to an 
authentication center, i.e. "server module" (see col. 8, lines 40-48; col. 7, lines 1, 2; col. 5, lines 
55-60), the mobile station requesting a product or service from a service provider and 
transmitting a digital signature accompanied by the digital certificate for signature verification 
key as authorization to the service provider (see col. 4, liens 25-34). Ramasubramani et al. do 
not expressly disclose calculate variables based on information received from the authentication 
center and compare them to variables computed by the mobile station and issue the digital 
certificate to the mobile station when the variables match, wherein the mobile station verifies the 
legitimacy of the gateway by comparing the variables calculated by the gateway with the 
variables computed by the mobile station or the mobile station certificate acquisition module 
verifies that the gateway is authorized to issue the digital certificate through the use of 
comparing variables computed by the gateway. Cheung discloses disclose a gateway certificate 
generation module to calculate variables based on information received from the authentication 
center and compare them to variable computed by the mobile station, and issue the digital 
certificate to the mobile station when the variables match (see col. 3, lines 47-51, 63-64; col. 4, 
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lines 1-11). DiGiorgio et al. disclose the mobile station verifies the legitimacy of the gateway by 
comparing the variables calculated by the gateway with the variables computed by the mobile 
station; wherein the mobile station certificate acquisition module verifies that the gateway is 
authorized to issue the digital certificate through the use of comparing variables computed by the 
gateway and the mobile station (see col. 10, lines 24-60). At the time the invention was made, it 
would have been obvious to a person of ordinary skill in the art to modify system disclose by 
Ramasubramani et al. to include calculate variables based on information received from the 
authentication center and compare them to variables computed by the mobile station and issue 
the digital certificate to the mobile station when the variables match, wherein the mobile station 
verifies the legitimacy of the gateway by comparing the variables calculated by the gateway with 
the variables computed by the mobile station. One of ordinary skill in the art would have been 
motivated to do this because it provides security; that is, it utilizes digital certificates which 
verifies the identity of the user; thus, preventing fraud. 

Referring to claim 19 and 20 see the rationale above; as per the code segments, Cheung 
discloses software within the control means (see col. 3, lines 39-45). It is known in that art that 
software comprises code; thus, the examiner notes that this code my include authentication code, 
certificate acquisition code, certificate generation code. 

14. Claims 16 and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ramasubramani et al., Cheung, and DiGiorgio et al. as applied to claim 15 above, and further in 
view and Cochinwala et al. 
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Ramasubramani et al. disclose a purchase module to request the purchase of a good or 
service from a service provider, present the digital certificate to the service provider, provide the 
service provider with a digital signature approving the purchase of the good or service and a 
sales module to verify the validity of the digital certificate and the validity of the digital signature 
(see col 4, lines 24-34). Ramasubramani et al. do not explicitly teach a purchase module for 
receiving an invoice or a sales module for issuing an invoice; however, these are inherent steps. 
Ramasubramani et al. teach a purchase transaction, in which the user transmits messages and 
receives messages from a user web site; therefore, the examiner presumes that these messages 
may include invoices. Also, Ramasubramani et al. do not expressly disclose a billing module to 
transmit to the gateway the accounting record and receive a response indicating if the accounting 
record has been approved for payment, or a gateway billing module to verify the accounting 
record and an accompanying signature, and issue a credit to the service provider and debit to a 
buyer when the accounting record and the accompanying signature are verified. Cochinwala et 
al. disclose a seller billing module to transmit to the gateway the accounting record and receive a 
response indicating if the accounting record has been approved for payment, and a gateway 
billing module to verify the accounting record and an accompanying signature, and issue a credit 
to the seller and debit to the buyer when the accounting record and the accompanying signature 
are verified (see abstract, lines 7-8; pg. 4, lines 19-25). At the time the invention was made, it 
would have been obvious to a person of ordinary skill in the art to modify the system disclose by 
Ramasubramani et al. to include a purchase module that receives invoice, a sales module that 
issues invoice, a seller billing module to transmit to the gateway the accounting record and 
receive a response indicating if the accounting record has been approved for payment, and a 
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gateway billing module to verify the accounting record and an accompanying signature, and 
issue a credit to the seller and debit to the buyer when the accounting record and the 
accompanying signature are verified. One of ordinary skill in the art would have been motivated 
to do this because it provides security; that is, it utilizes digital certificates and signatures, which 
verifies the identity of the user. 

Referring to claim 17, Ramasubramani et al. disclose the method wherein the gateway 
certificate generation module transmits a mobile subscriber identifier to authentication center 
(see col. 8, lines 40-48; col. 7, lines 1, 2; col. 5, lines 55-60). Ramasubramani et al. do not 
expressly disclose receiving a random number, a signed response and an encryption key from the 
authentication center, computing a variable Ml, M2' and M3 and verifying the validity of the 
mobile station by comparing variable M2 received form the mobile station with variable M2'. 
Cheung discloses the gateway certificate generation module receives a random number (RAND), 
a signed response (SRES), and an encryption key from the authentication center; computes a 
variable Ml, M2', and M3 and verifies the validity of the mobile station by comparing variables 
M2 received form the mobile station with variable (see col. 3, lines 47-57, 63-67; col. 4, lines 1- 
11). At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to modify the system disclose by Ramasubramani et al. to include the gateway 
certificate generation module receives a random number (RAND), a signed response (SRES), 
and an encryption key from the authentication center; computes a variable Ml, M2', and M3 and 
verifies the validity of the mobile station by comparing variables M2 received form the mobile 
station with variable. One of ordinary skill in the art would have been motivated to do this 
because it provides security. 
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15. Claim 18 is rejected under 35 U.S.C 103(a) as being unpatentable over et al. 
Ramasubramani et al, Cheung and DiGiorgio et al as applied to claim 14 above, and further in 
view of "The GSM System" to Mouly et al. 

Mouly et al. disclose a subscriber identification module (SIM) used to compute a signed 
response and a ciphering key based on a secret key, installed by a home network operator service 
in the subscriber identification module upon signing up for a service plan, and a random number 
obtained from an authentication center in the home network operator service; an A3 algorithm 
module, contained in the SIM, is used to compute the signed response; and an A8 algorithm 
module, contained in the SIM, is used to compute the ciphering key, wherein through the 
transmission of signed responses to and from the mobile station a telecommunication 
infrastructure is able to verify that the mobile station is authorized to access the 
telecommunication infrastructure and the gateway (see pg. 478-480). At the time the invention 
was made, it would have been obvious to a person of ordinary skill in the art to modify the 
system disclose by Ramasubramani et al. to include a subscriber identification module, A3 
algorithm module, an A8 algorithm module. One of ordinary skill in the art would have been 
motivated to because it provides an additional level of security. 

16. Claims 21 -23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ramasubramani et al, Cheung in view of DiGiorgio et al. as applied to claim 19 above, and 
further in view of Cochinwala et al. 

Ramasubramani et al. discloses a buyer purchase code segment to request the purchase of 
a good or service from a service provider, present the digital certificate to the service provider, 
provide the seller with a digital signature approving the purchase of the good or service and a 
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sales code segment to verify the validity of the digital certificate and the validity of the digital 
signature, generate an accounting record and deliver a product or service (see col. 10, lines 29- 
61). (see col. 4,lines 24-34, fig. 1-3). Ramasubramani et al. do not expressly disclose a purchase 
code segment for receiving an invoice or a sales code segment for issuing an invoice; however, 
these are inherent steps. Ramasubramani et al. teach a purchase transaction, in which the user 
transmits messages and receives messages from a user web site; therefore, the examiner 
presumes that these messages may include invoices. Also, Ramasubramani et al. do not expressly 
disclose a billing code segment to transmit to the gateway the accounting record and receive a 
response indicating if the accounting record has been approved for payment, or a gateway billing 
code segment to verify the accounting record and an accompanying signature, and issue a credit 
to the service provider and debit to a buyer when the accounting record and the accompanying 
signature are verified. Cochinwala et al. disclose a seller billing code segment to transmit to the 
gateway the accounting record and receive a response indicating if the accounting record has 
been approved for payment, and a gateway billing code segment to verify the accounting record 
and an accompanying signature, and issue a credit to the seller and debit to the buyer when the 
accounting record and the accompanying signature are verified (see abstract, lines 7-8; pg. 4, 
lines 19-25). At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to modify the system disclose by Ramasubramani et al. to include a seller 
billing code segment to transmit to the gateway the accounting record and receive a response 
indicating if the accounting record has been approved for payment, and a gateway billing code 
segment to verify the accounting record and an accompanying signature, and issue a credit to the 
seller and debit to the buyer when the accounting record and the accompanying signature are 
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verified. One of ordinary skill in the art would have been motivated to do this because it 
provides security; that is, it utilizes digital certificates and signatures, which verifies the identity 
of the user. 

Referring to claim 22, Ramasubramani et al. disclose the mobile station certification 
acquisition code segment transmits a session identification and a mobile subscriber identifier to 
the gate (see col. 7, lines 1 and 2; col. 8, lines 40-48). Ramasubramani et al. do not expressly 
disclose the station certificate acquisition code segment receives a random number and a variable 
Ml from the gateway and verifies that the gateway is authentic by computing and comparing the 
variable Ml ' with Ml. Cheung discloses the station certificate acquisition code segment 
receives a random number and a variable Ml from the gateway and verifies that the gateway is 
authentic by computing and comparing the variable Ml' with Ml (see col. 3, lines 47-57, 63-67; 
col. 4, lines 1-11). 

Referring to claim 23, Ramasubramani et al. disclose the method wherein the gateway 
certificate generation code segment transmits a mobile subscriber identifier to authentication 
center (see col. 8, lines 40-48; col. 7, lines 1, 2; col. 5, lines 55-60). Ramasubramani et al. do not 
expressly disclose receiving a random number, a signed response and an encryption key from the 
authentication center, computing a variable Ml, M2' and M3 and verifying the validity of the 
mobile station by comparing variable M2 received form the mobile station with variable M2\ 
Cheung discloses the gateway certificate generation module receives a random number (RAND), 
a signed response (SRES), and an encryption key from the authentication center; computes a 
variable Ml, M2\ and M3 and verifies the validity of the mobile station by comparing variables 
M2 received form the mobile station with variable (see col. 3, lines 47-57, 63-67; col. 4, lines 1- 
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11). At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to modify the system disclose by Ramasubramani et al. to include the gateway 
certificate generation module receives a random number (RAND), a signed response (SRES), 
and an encryption key from the authentication center; computes a variable Ml, M2', and M3 and 
verifies the validity of the mobile station by comparing variables M2 received form the mobile 
station with variable. One of ordinary skill in the art would have been motivated to do this 
because it provides security. 



Allowable Subject Matter 

17. Claims 5, 6 and 8 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

Conclusion 

18. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

• US Patent No. 6141752 to Danes et al. discloses mechanism for facilitating secure 
storage and retrieval of information on a smart card by an Internet Service Provider 
using various network computer client devices. 

• US Pub. No. 2003/0046237 to Uberti discloses a method and system for enabling the 
issuance of biometrically secured online credit or other online payment transactions 
without tokens. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jalatee Worjloh whose telephone number is 703-305-0057. The 
examiner can normally be reached on Mondays-Thursdays 8:30 - 7:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on 703-305-9768. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306 and 703-746-9443 
for Non-Official/Draft. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Any response to this action should be mailed to: 



Hand delivered responses should be brought to Crystal Park 5, 2451 Crystal Drive, 
Arlington, V.A., Seventh floor receptionist. f 
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PO Box 1450 
Alexandria, VA 22313-1450 



January 29, 2004 




